ISA Server 2006 Web Reverse Proxy – challenges

I’ve been having a difficult time trying to set up my virtual machines to be accessible from the interweb. Although I have 5 IP addresses, I’d like to set up my sites as http://www.domain.com/sharepoint, http://www.domain.com/crm etc rather than sharepoint.domain.com, crm.domain.com.

I looked at Microsoft TMG (Threat Management Gateway) and balked at the complexity, as I remembered ISA Server being quite simple (wrong…). After an abortive attempt with ISA, I tried Squid, but although I could get the s.domain.com and c.domain.com I couldn’t get paths working

Today, I went back to ISA. I set up the site and rules fine, but kept getting an authetication error “isa server is configured to block http requests that require authentication”. It turns out the problem is that I don’t have a security certificate assigned. After some hunting, there is a Microsoft KB to fix it at http://support.microsoft.com/kb/924374

I still couldn’t get to my sites from the LAN (192.168.x.x) though; in this case, I had assigned 192.168.0.0-192.168.255.255 as the internal network range. However, this doesn’t define a default route for internal-internal, only internal-external. Simply selecting both the external and internal adaptors as valid adapters for the internal network fixed this.

Finally, I couldn’t get to my site from the outside world (tested on my iPad over 3G). It turns out that my BT external IP addresses were not showing up on the device list on the BT HGV2700 hub, so there was no external route to them. I had to enable DHCP on my external adaptor, and then assign the external IP to the device on the BT router.

Advertisements

0 Responses to “ISA Server 2006 Web Reverse Proxy – challenges”



  1. Leave a Comment

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s




jzedward’s tweets


%d bloggers like this: